|
|
To print: Select File and then Print from your browser's menu
-------------------------------------------------------------- This story was printed from ZDNet Australia. --------------------------------------------------------------
|
Apple issues Java security update By Dawn Kawamoto, CNET News.com April 20, 2006 URL: http://www.zdnet.com.au/news/security/soa/Apple-issues-Java-security-update/0,130061744,139252788,00.htm
Apple Computer has released a Java update for Mac OS X to deal with flaws, one of which could enable malicious attackers to gain access to a system. The Java 2 Standard Edition 5.0 Release 4 update, issued on Monday, fixes a vulnerability in Java Web Start. The hole could allow a specially crafted application to bypass security restrictions and access resources on a system, potentially giving entry to an intruder. Java Web Start is a technology that loads Java applications over a network such as the Internet. The update also patches a set of bugs in the "reflection" application programming interface, or API, parts of the Java Runtime Environment. These flaws could also allow an attacker to bypass security barriers to take control of a system. The French Security Incident Response Team, or FrSIRT, rated the issues "critical" in an alert posted on Tuesday. The issues affect Mac OS X version 10.4.5 and the corresponding server edition of the operating system, which have Java 2 built into them. Apple advises people with this software to download and install the J2SE update. The Java problems also have an impact on Microsoft Windows, Sun Microsystems' Solaris and Linux. In February, Sun issued an alert for the Web Start flaw and the Java Runtime Environment issues in these operating systems. Santa Clara, California-based Sun said at the time that it did not believe that the Web Start vulnerability had been exploited.
Copyright © 2009 CBS Interactive, a CBS Company. All Rights Reserved. |
